Apple updates iPhoto 7.1.2 with a security fix

A new security update is available for Mac OS X users running the program that's part of iLife 08.

On Tuesday, Apple issued a security update for iPhoto. The update is for users of Mac OS X v10.4.9 or later running iPhoto '08 (part of iLife 08). It addresses the vulnerability detailed in CVE-2008-0043.

To be vulnerable, Apple says, a user must subscribe to a maliciously crafted photocast. A remote attacker may then execute arbitrary code on the compromised machine. The fix addresses how iPhoto handles format strings when processing photocast subscriptions.

Apple credits Nathan McFeters of Ernst & Young's Advanced Security Center for reporting this vulnerability.

Tags:
Security
About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Discuss Apple updates iPhoto 7.1.2 with a security fix

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    Runcible 'wearable' pocket smartwatch (pictures)
    Autodesk helps to make the maker (pictures)
    Lyve keeps your photos organized (pictures)
    Check out these great Android games (pictures)
    Alto's Adventure has excellent graphics (pictures)
    Check out the cheap, 4G LTE Motorola Moto E (pictures)